Frictionless authentication? Wrong. Get the right amount of friction.
Frictionless authentication is intrinsic to maintaining a user's trusted state, but it's only part of the story
Frictionless authentication, debunked.
We would genuinely love there to be a perfect state, in which your customers glide through their day, totally and effortlessly secure.
But deep down we all know that ‘frictionless’ and ‘security’ are in fact a dichotomy, somewhat ironically causing friction between your fraud and your customer experience teams. We all know that frictionless, whilst customer-centric, can’t deliver enough security across a wide range of scenarios. Frictionless doesn’t put protection first.
So let’s change the narrative, and talk about what we really need: the right amount of friction, and – since we’re here – what your step-up security says about your commitment to the user experience.
We need to talk about frictionless authentication
Of course, there is a time and place for frictionless. Low-risk, familiar transactions can use continual behavioural authentication scores to maintain a user’s trusted state. But a certain level of friction is unavoidable, to protect against suspicious, unusual or accidental transactions.
So when you need to apply friction, what does your ‘step-up’ authentication say about your commitment to the customer experience?
AimBrain is helping an APAC digital bank offer remote onboarding and an enhanced login/step-up authentication experience with AimFace.
Relying on outdated step-up security measures such as password entry, push notifications or hard tokens adds inconvenience and frustration, undoing all of that invisible customer-first work you’ve done, and forcing you back to a binary yes or no decision.
Using a risk-based, rather than rules-based, approach with additional biometrics as your ‘step-up’ supports flexible risk scenario modelling.
That’s why our active authentication steps are just as smooth as your invisible security.
Farewell frictionless; it’s time for the right amount of friction
AimBrain is helping a European FS technology provider offer liveness detection to its clients, using AimFace facial authentication.
Apply the right amount of friction for any scenario
Invisible, continuous authentication
Use behavioural biometrics as your invisible security guard, patrolling your user’s session from login to logout. Only step up to an active authentication if a user’s behaviour seems anomalous.
Keep guard for suspicious patterns
Use anomaly detection to monitor for suspicious behaviour that could signify fraud, based on annotated or industry data. Invoke additional security to stop fraud before it happens.
Design risk-based sequences that factor in the impact, severity or likelihood of a breach, or for specific use cases or scenarios. Adjust according to your individual risk appetite.
...Step down when you can
Actively reduce the security steps once a certain trust level has been achieved, to allow a user to continue in-session with fewer interruptions for a smoother experience.
Our simple statistical sliders help you quickly visualise the impact of adjustments to your risk thresholds, so that you can assign the right amount of friction for the situation.
Architect it your way
Use biometrics as standalone user authentication or as part of your wider authentication strategy. Connect to our open API using easy-to-deploy open-source SDKs.
What does your “right amount of friction” look like?
Let’s ditch frictionless – speak to the team
try risk adjustments for free with our dashboard
How will you architect your risk model?
Mix up your active & passive security.
Let’s stamp out ‘frictionless authentication’ and start talking about the right amount of friction.
Let your users know that you’re protecting them in unusual scenarios, but make it easy for them and step it down once you’re confident of their authenticity.
Our silent, ultra vigilant AimBehaviour and AimAnomaly Detection modules work in stealth mode, and form the perfect underlying security platform. Check for anomalous behaviour from the onboarding stage, and receive continual, in-session, risk-based scores of a user’s authenticity in real-time, and use to underpin your active authentication sequences, to keep your customers, and your business, secure.
We’ve designed three modules for situations requiring an active user authentication: AimFace facial authentication, AimVoice voice authentication and AimFace//LipSync, our combined facial, audio and movement authentication. Use them for standalone user verification, or as part of a step-up sequence.